How to SSH as a Different User When the Host User Has No SSH Key on Remote Machine


2 views

Let's break down the situation:

  • Local machine user: john (macOS)
  • Remote server: Slicehost instance
  • Remote user configured for SSH access: deploy
  • Key setup: Private key for deploy exists locally, public key for deploy is on the server
  • No SSH keys for john exist on the remote server

Do you need to add john's public key to the remote server to SSH as deploy? The answer is no. SSH authentication is based on the key pair you're using, not your local username.

Here's the correct command to SSH as deploy:

ssh -i ~/.ssh/deploy_private_key deploy@your-slicehost-ip

Key points:

  • The -i flag specifies which private key to use
  • The remote username (deploy) comes before the @
  • Your local username (john) doesn't affect the authentication

Permission issues: Ensure your private key has correct permissions:

chmod 600 ~/.ssh/deploy_private_key

Key not in default location: If your key isn't in ~/.ssh/, use the full path:

ssh -i /path/to/custom/location/deploy_key deploy@host

For frequent access, create an entry in ~/.ssh/config:

Host slicehost-deploy
    HostName your-slicehost-ip
    User deploy
    IdentityFile ~/.ssh/deploy_private_key

Then simply use:

ssh slicehost-deploy
  • Never share private keys
  • Use passphrase-protected keys when possible
  • Consider rotating keys periodically
  • Use ssh-copy-id for initial key setup (when applicable)

When you SSH into a remote server, authentication works at the user account level, not the machine level. The key configuration on the remote server is tied to specific user accounts in their ~/.ssh/authorized_keys files.

In your case:

  • Local machine user: john (Mac)
  • Remote server user: deploy (Slicehost)
  • The deploy user's public key exists on the server
  • The john user's public key does not exist on the server
  • You have deploy's private key on your local machine

You don't need to add john's public key to the remote server. Simply specify:

ssh -i /path/to/deploy_private_key deploy@your-slicehost-domain.com

Or if your private key is in the default location (~/.ssh/id_rsa):

ssh deploy@your-slicehost-domain.com

Create or edit ~/.ssh/config on your local machine:

Host slicehost
    HostName your-slicehost-domain.com
    User deploy
    IdentityFile ~/.ssh/deploy_private_key
    IdentitiesOnly yes

Now you can simply run:

ssh slicehost

To debug connection issues, use the verbose flag:

ssh -v slicehost

Key things to check in the output:

  • Which private key is being offered
  • Whether the server accepts the key
  • Authentication success/failure messages

Ensure proper file permissions:

chmod 600 ~/.ssh/deploy_private_key
chmod 700 ~/.ssh

On the remote server:

chmod 700 ~deploy/.ssh
chmod 600 ~deploy/.ssh/authorized_keys